If the question was geared towards repositories that provide 3rd party modules, then the above still applies to a

If the question was geared towards repositories that provide 3rd party modules, then the above still applies to a

degree. The repository would need to generate their own signing key, and users would need to enroll the public portion

degree. The repository would need to generate their own signing key, and users would need to enroll the public portion

−

of that key on their systems in order to use modules provided by the repo. [[jwboyer|Josh Boyer]] 19:21 20 July 2012

+

of that key on their systems in order to use modules provided by the repo. --[[jwboyer|Josh Boyer]] 19:21 20 July 2012

Revision as of 19:21, 20 July 2012

What is the impact on third-party kernel modules? (I don't think we need to support them, but it will be necessary to highlight in release notes.) --Mitr 15:24, 20 July 2012 (UTC)

I'll take a crack at answering this. Peter and Matthew can yell at me if I screw up. Firstly, if a user wants to use
3rd party modules they can disable secure boot and they will work as well as they did before. That is the easiest
option relatively speaking. Assuming a user wishes to use secure boot with a 3rd party module, then they can use the
tools that will be provided as part of the feature to create their own signing key. They would enroll the public
portion of this key in the firmware on their machine and sign any additional modules they wish to use. This would need
to be done whenever a new build of a module is required (kernel update, module update, etc). NOTE: the kernel code to
support this still needs to be written and tested.

If the question was geared towards repositories that provide 3rd party modules, then the above still applies to a
degree. The repository would need to generate their own signing key, and users would need to enroll the public portion
of that key on their systems in order to use modules provided by the repo. --Josh Boyer 19:21 20 July 2012

Red Hat, Red Hat Enterprise Linux, the Shadowman logo, and JBoss are trademarks or registered trademarks of
Red Hat, Inc. or its subsidiaries in the United States and other countries.
Linux® is the registered trademark of Linus Torvalds in the U.S. and other countries.
The Fedora Project is maintained and driven by the community and sponsored by Red Hat. This is a community
maintained site. Red Hat is not responsible for content.